From ae8e085c608d5983f56c08ecf09714f59dd4e44d Mon Sep 17 00:00:00 2001 From: Pablo de Lara Date: Fri, 9 Oct 2020 11:29:54 +0000 Subject: [PATCH] crypto/aesni_mb: support KASUMI F8/F9 Add support for KASUMI-F8/F9 algorithms through the intel-ipsec-mb job API, allowing the mix of these algorithms with others. Signed-off-by: Pablo de Lara Acked-by: Akhil Goyal --- doc/guides/cryptodevs/aesni_mb.rst | 2 + doc/guides/cryptodevs/features/aesni_mb.ini | 2 + doc/guides/rel_notes/release_20_11.rst | 1 + .../crypto/aesni_mb/aesni_mb_pmd_private.h | 13 ++++-- drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 34 +++++++++++++++ .../crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 41 +++++++++++++++++++ 6 files changed, 90 insertions(+), 3 deletions(-) diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst index 18631f6db2..abc10fbda5 100644 --- a/doc/guides/cryptodevs/aesni_mb.rst +++ b/doc/guides/cryptodevs/aesni_mb.rst @@ -37,6 +37,7 @@ Cipher algorithms: * RTE_CRYPTO_CIPHER_AES256_ECB * RTE_CRYPTO_CIPHER_ZUC_EEA3 * RTE_CRYPTO_CIPHER_SNOW3G_UEA2 +* RTE_CRYPTO_CIPHER_KASUMI_F8 Hash algorithms: @@ -56,6 +57,7 @@ Hash algorithms: * RTE_CRYPTO_AUTH_SHA512 * RTE_CRYPTO_AUTH_ZUC_EIA3 * RTE_CRYPTO_AUTH_SNOW3G_UIA2 +* RTE_CRYPTO_AUTH_KASUMI_F9 AEAD algorithms: diff --git a/doc/guides/cryptodevs/features/aesni_mb.ini b/doc/guides/cryptodevs/features/aesni_mb.ini index 5a862336b7..6113e906a7 100644 --- a/doc/guides/cryptodevs/features/aesni_mb.ini +++ b/doc/guides/cryptodevs/features/aesni_mb.ini @@ -36,6 +36,7 @@ AES ECB (192) = Y AES ECB (256) = Y ZUC EEA3 = Y SNOW3G UEA2 = Y +KASUMI F8 = Y ; ; Supported authentication algorithms of the 'aesni_mb' crypto driver. @@ -57,6 +58,7 @@ AES CMAC (128) = Y AES GMAC = Y ZUC EIA3 = Y SNOW3G UIA2 = Y +KASUMI F9 = Y ; ; Supported AEAD algorithms of the 'aesni_mb' crypto driver. diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst index 40f8a1e2c8..d1e37583fb 100644 --- a/doc/guides/rel_notes/release_20_11.rst +++ b/doc/guides/rel_notes/release_20_11.rst @@ -157,6 +157,7 @@ New Features * Added support for AES-ECB 128, 192 and 256. * Added support for ZUC-EEA3/EIA3 algorithms. * Added support for SNOW3G-UEA2/UIA2 algorithms. + * Added support for KASUMI-F8/F9 algorithms. * **Updated Marvell NITROX symmetric crypto PMD.** diff --git a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h index 85039dbf2c..9693bf9854 100644 --- a/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h +++ b/drivers/crypto/aesni_mb/aesni_mb_pmd_private.h @@ -57,7 +57,8 @@ static const unsigned auth_blocksize[] = { [PLAIN_SHA_512] = 128, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM [IMB_AUTH_ZUC_EIA3_BITLEN] = 16, - [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16 + [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 16, + [IMB_AUTH_KASUMI_UIA1] = 16 #endif }; @@ -92,7 +93,8 @@ static const unsigned auth_truncated_digest_byte_lengths[] = { [PLAIN_SHA_512] = 64, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM [IMB_AUTH_ZUC_EIA3_BITLEN] = 4, - [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4 + [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4, + [IMB_AUTH_KASUMI_UIA1] = 4 #endif }; @@ -128,7 +130,8 @@ static const unsigned auth_digest_byte_lengths[] = { [PLAIN_SHA_512] = 64, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM [IMB_AUTH_ZUC_EIA3_BITLEN] = 4, - [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4 + [IMB_AUTH_SNOW3G_UIA2_BITLEN] = 4, + [IMB_AUTH_KASUMI_UIA1] = 4 #endif /**< Vector mode dependent pointer table of the multi-buffer APIs */ @@ -244,6 +247,8 @@ struct aesni_mb_session { #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM snow3g_key_schedule_t pKeySched_snow3g_cipher; /**< SNOW3G scheduled cipher key */ + kasumi_key_sched_t pKeySched_kasumi_cipher; + /**< KASUMI scheduled cipher key */ #endif }; } cipher; @@ -289,6 +294,8 @@ struct aesni_mb_session { #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM snow3g_key_schedule_t pKeySched_snow3g_auth; /**< SNOW3G scheduled authentication key */ + kasumi_key_sched_t pKeySched_kasumi_auth; + /**< KASUMI scheduled authentication key */ #endif }; /** Generated digest size by the Multi-buffer library */ diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c index bb917b8ff6..34a39ca992 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c @@ -279,6 +279,19 @@ aesni_mb_set_session_auth_parameters(const MB_MGR *mb_mgr, IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->auth.key.data, &sess->auth.pKeySched_snow3g_auth); return 0; + } else if (xform->auth.algo == RTE_CRYPTO_AUTH_KASUMI_F9) { + sess->auth.algo = IMB_AUTH_KASUMI_UIA1; + uint16_t kasumi_f9_digest_len = + get_truncated_digest_byte_length(IMB_AUTH_KASUMI_UIA1); + if (sess->auth.req_digest_len != kasumi_f9_digest_len) { + AESNI_MB_LOG(ERR, "Invalid digest size\n"); + return -EINVAL; + } + sess->auth.gen_digest_len = sess->auth.req_digest_len; + + IMB_KASUMI_INIT_F9_KEY_SCHED(mb_mgr, xform->auth.key.data, + &sess->auth.pKeySched_kasumi_auth); + return 0; } #endif @@ -417,6 +430,7 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM uint8_t is_zuc = 0; uint8_t is_snow3g = 0; + uint8_t is_kasumi = 0; #endif if (xform == NULL) { @@ -481,6 +495,10 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, sess->cipher.mode = IMB_CIPHER_SNOW3G_UEA2_BITLEN; is_snow3g = 1; break; + case RTE_CRYPTO_CIPHER_KASUMI_F8: + sess->cipher.mode = IMB_CIPHER_KASUMI_UEA1_BITLEN; + is_kasumi = 1; + break; #endif default: AESNI_MB_LOG(ERR, "Unsupported cipher mode parameter"); @@ -597,6 +615,14 @@ aesni_mb_set_session_cipher_parameters(const MB_MGR *mb_mgr, sess->cipher.key_length_in_bytes = 16; IMB_SNOW3G_INIT_KEY_SCHED(mb_mgr, xform->cipher.key.data, &sess->cipher.pKeySched_snow3g_cipher); + } else if (is_kasumi) { + if (xform->cipher.key.length != 16) { + AESNI_MB_LOG(ERR, "Invalid cipher key length"); + return -EINVAL; + } + sess->cipher.key_length_in_bytes = 16; + IMB_KASUMI_INIT_F8_KEY_SCHED(mb_mgr, xform->cipher.key.data, + &sess->cipher.pKeySched_kasumi_cipher); #endif } else { if (xform->cipher.key.length != 8) { @@ -1251,6 +1277,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, job->u.SNOW3G_UIA2._iv = rte_crypto_op_ctod_offset(op, uint8_t *, session->auth_iv.offset); break; + case IMB_AUTH_KASUMI_UIA1: + job->u.KASUMI_UIA1._key = (void *) &session->auth.pKeySched_kasumi_auth; + break; #endif default: job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner; @@ -1282,6 +1311,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) { job->enc_keys = &session->cipher.pKeySched_snow3g_cipher; m_offset = 0; + } else if (job->cipher_mode == IMB_CIPHER_KASUMI_UEA1_BITLEN) { + job->enc_keys = &session->cipher.pKeySched_kasumi_cipher; + m_offset = 0; } #endif @@ -1383,6 +1415,8 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp, #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) job->msg_len_to_cipher_in_bytes >>= 3; + else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1) + job->msg_len_to_hash_in_bytes >>= 3; #endif /* Set user data to be crypto operation data struct */ diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c index 2b236b7549..0f74be126d 100644 --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c @@ -606,6 +606,47 @@ static const struct rte_cryptodev_capabilities aesni_mb_pmd_capabilities[] = { }, } }, } }, + { /* KASUMI (F9) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_AUTH, + {.auth = { + .algo = RTE_CRYPTO_AUTH_KASUMI_F9, + .block_size = 8, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .digest_size = { + .min = 4, + .max = 4, + .increment = 0 + }, + .iv_size = { 0 } + }, } + }, } + }, + { /* KASUMI (F8) */ + .op = RTE_CRYPTO_OP_TYPE_SYMMETRIC, + {.sym = { + .xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER, + {.cipher = { + .algo = RTE_CRYPTO_CIPHER_KASUMI_F8, + .block_size = 8, + .key_size = { + .min = 16, + .max = 16, + .increment = 0 + }, + .iv_size = { + .min = 8, + .max = 8, + .increment = 0 + } + }, } + }, } + }, #endif RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() };